Re: NIS and Samba - can't authenticate Windows 98 clients
On (08/06/03 18:29), Todd Pytel wrote:
> You need to be more specific about how things are set up, specifically
> the Samba security level (share, user, domain, etc.). Generally
> speaking, Samba and NIS don't really go together. Samba, in most
> setups (there are many possibilities), authenticates its users against
> the smbpasswd file. This is a separate password database from
> /etc/passwd, though samba can be configured to keep them in sync. It
> will not read NIS for passwords at all, though. At best, Samba could
> use NIS for uid/gid mapping, but that's about it.
Todd
Hydra is the debian box that I've set up as the NIS server. In its
smb.conf file, I've tried a number of different settings:
workgroup = PRIORYROAD (as in Windows Network Neighbourhood)
netbios name = Hydra
security = domain
I'm not sure what you mean by "share" but as I wrote earlier everything
seems to work fine on the linux side.
>From what you say, maybe what I'm trying to do is not possible or
certainly beyond my limited capabilities ;-) Anyway I'll try to
describe what I want to achieve and perhaps you can advise whether it
will fly.
We have two HP LH Pro Servers running stable, Hydra and Zeus. Hydra is the
main server for work files to be accessed by two clients: a Dell PC
(Monty used by Maggie) dual booting Windows98 and Woody; a G4 (Apollo
used by me) dual booting MacOSX and Woody/Sarge. Zeus is mainly serving
music files to these two clients.
We have a Mac8100/80 (Phoenix) running Woody and serving work files and
music to 2 further PC's (Fred and George used by our boys, Jason and Luke)
both running windows98.
Prior to experimenting with NIS, I set up Maggie and Clive as users on
each of Hydra, Zeus, Phoenix using the same UID's, GUID's and passwords
as on their workstations. All three servers are running NFS and Samba
and subject to "exports" and permissions, all the Windows users (Maggie,
Luke and Jason) can access files on the relevant servers. Maggie (on
Monty) can also access all three servers via NFS.
To try NIS I setup Hydra as the NIS server and removed Maggie's user
details from Phoenix to test whether she could still access it using the
NIS info on Hydra. On the Linux side it seemed to work seemlessly.
When Monty is booted into Windows she can't access Phoenix because Samba
isn't talking to NIS, I guess.
In an ideal world, I would like to maintain all user and group
information on one server (Hydra) and let it validate users for itself,
Zeus and Phoenix. Sorry if this is a bit long winded.
>
> Clive Menzies <clive@clivemenzies.co.uk> wrote:
>
> > The problem arises when booting the same client into windows98 - it
> > doesn't seem to find the NIS server to validate the user.
>
> What do you mean by "validate the user"? Are you using "Windows Family
> Logon" or "Client for Microsoft Networks"? Can the 98 machine browse
> the network? Or just not access the share? How many machines are
> running NFS? Samba? Any log messages on the Samba machine? Details,
> please.
Maggie is using "Client for Microsoft Networks" She can see Phoenix on
Network Neighbourhood but selecting it prompts for a password which is
rejected as invalid.
I haven't enabled logging on the three Samba servers but if Monty is not
finding the NIS info, would this show anything? I can send you the
various conf files (probably better done off list) if you think this
will help.
I am very interested to know how to achieve this not so much for this
network but because if we advise clients on migration to Linux, we may
need a solution to the problem of maintaining users on a mixed network.
It seems to be possible using an NT Name Server but it would be
preferable to be able to suggest an open source alternative.
Thanks again
Clive
Reply to: